Should Fedora rpms be signed?
Alexandre Oliva
aoliva at redhat.com
Tue Oct 26 20:44:32 UTC 2004
On Oct 26, 2004, Elliot Lee <sopwith at redhat.com> wrote:
> On Tue, 26 Oct 2004, nodata wrote:
>> Packages for Fedora Core test (rawhide) aren't always signed.
>>
>> Why?
> If you can come up with a script to sign .rpm's without typing in a
> password, I'll be happy to look at it.
That's easy. AFAIK, you could just have a signing key without a
passphrase, or have the passphrase encoded in plain text in an expect
script that runs rpm --resign. But would you really want to do that?
--
Alexandre Oliva http://www.ic.unicamp.br/~oliva/
Red Hat Compiler Engineer aoliva@{redhat.com, gcc.gnu.org}
Free Software Evangelist oliva@{lsd.ic.unicamp.br, gnu.org}
More information about the test
mailing list